Nome do pacote
squid
Data
2013-07-25
ID Alerta
MDVSA-2013:199
Versões afetadas
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Descrição do problema

Multiple vulnerabilities has been discovered and corrected in squid:

Due to incorrect data validation Squid is vulnerable to a buffer
overflow attack when processing specially crafted HTTP requests. This
problem allows any trusted client or client script who can generate
HTTP requests to trigger a buffer overflow in Squid, resulting in a
termination of the Squid service (CVE-2013-4115).

The updated packages have been patched to correct this issue.

Pacotes atualizados

MES5 i586

 ffce88499a510acbcb177beac961e9b5  mes5/i586/squid-3.0-22.7mdvmes5.2.i586.rpm
 7ef29bd52a77c505ec582ff43fd4880e  mes5/i586/squid-cachemgr-3.0-22.7mdvmes5.2.i586.rpm 
 d8de5bdfa7aaf524b2a94d8ce7c59629  mes5/SRPMS/squid-3.0-22.7mdvmes5.2.src.rpm

MBS1 x86_64

 6ad99274db9760788fe533ed03672813  mbs1/x86_64/squid-3.1.19-5.3.mbs1.x86_64.rpm
 7d66032f7c6d79a90ad2ab8ac787e79e  mbs1/x86_64/squid-cachemgr-3.1.19-5.3.mbs1.x86_64.rpm 
 223b131a5049b8b4c5f1f6b0b1c23bf9  mbs1/SRPMS/squid-3.1.19-5.3.mbs1.src.rpm

MES5 x86_64

 10ee4e981bf49d1767b56e15a0af9539  mes5/x86_64/squid-3.0-22.7mdvmes5.2.x86_64.rpm
 bf67fa8e85c5b57a7f1cb23c170d2833  mes5/x86_64/squid-cachemgr-3.0-22.7mdvmes5.2.x86_64.rpm 
 d8de5bdfa7aaf524b2a94d8ce7c59629  mes5/SRPMS/squid-3.0-22.7mdvmes5.2.src.rpm

Referências